GoodRxOSS · vmelikyan · Feb 26, 2026 · Feb 26, 2026
@@ -96,6 +96,8 @@ services:
             limits:
               cpu: "4"
               memory: "8Gi"
+          podAnnotations: # Optional - custom annotations on the build pod
+            my-org/team: "backend"
         # Init container - runs before main application (optional)
         init:
           dockerfilePath: "docker/migrate.dockerfile"
@@ -168,16 +170,27 @@ The default Docker image tag, typically matching the branch name.
 
 Configuration for the Docker build process.
 
-| Field                | Type   | Description                                               |
-| -------------------- | ------ | --------------------------------------------------------- |
-| `engine`             | string | Build engine: `buildkit` (default), `kaniko`, `codefresh` |
-| `resources.requests` | object | Minimum CPU/memory guaranteed for the build job           |
-| `resources.limits`   | object | Maximum CPU/memory allowed for the build job              |
+| Field                | Type                    | Description                                                                        |
+| -------------------- | ----------------------- | ---------------------------------------------------------------------------------- |
+| `engine`             | string                  | Build engine: `buildkit` (default), `kaniko`, `codefresh`                          |
+| `resources.requests` | object                  | Minimum CPU/memory guaranteed for the build job                                    |
+| `resources.limits`   | object                  | Maximum CPU/memory allowed for the build job                                       |
+| `podAnnotations`     | `Record<string,string>` | Custom annotations applied to the build pod template (merged with global defaults) |
 
 The `resources` field lets you configure CPU and memory for the build job container. Values use standard Kubernetes resource units (e.g., `"500m"` for CPU, `"1Gi"` for memory).
 
 **Precedence:** Per-service `resources` in lifecycle.yaml take priority over values set in `global_config`. If neither is set, built-in defaults are used.
 
+<Callout type="info">
+  Build pods automatically include the annotation
+  `cluster-autoscaler.kubernetes.io/safe-to-evict: "false"` to prevent the
+  Kubernetes cluster autoscaler from evicting long-running build jobs during
+  scale-down. You can add custom annotations per-service via `podAnnotations`
+  above, or globally via `podAnnotations` in `global_config.buildDefaults`.
+  Per-service values override global defaults, and the hardcoded `safe-to-evict`
+  annotation cannot be overridden.
+</Callout>
+
 | Engine   | Default CPU Request | Default Memory Request | Default CPU Limit | Default Memory Limit |
 | -------- | ------------------- | ---------------------- | ----------------- | -------------------- |
 | buildkit | 500m                | 1Gi                    | 2                 | 4Gi                  |

@@ -230,13 +230,14 @@ The default Docker image tag, typically matching the branch name.
 
 ### docker.builder
 
-Configuration for the Docker build process. See the [GitHub service docker.builder](/docs/schema/github#dockerbuilder) section for the full reference, including `resources` configuration for build job CPU/memory.
-
-| Field                | Type   | Description                                               |
-| -------------------- | ------ | --------------------------------------------------------- |
-| `engine`             | string | Build engine: `buildkit` (default), `kaniko`, `codefresh` |
-| `resources.requests` | object | Minimum CPU/memory guaranteed for the build job           |
-| `resources.limits`   | object | Maximum CPU/memory allowed for the build job              |
+Configuration for the Docker build process. See the [GitHub service docker.builder](/docs/schema/github#dockerbuilder) section for the full reference, including `resources` configuration for build job CPU/memory and details on the `safe-to-evict` pod annotation.
+
+| Field                | Type                    | Description                                                                        |
+| -------------------- | ----------------------- | ---------------------------------------------------------------------------------- |
+| `engine`             | string                  | Build engine: `buildkit` (default), `kaniko`, `codefresh`                          |
+| `resources.requests` | object                  | Minimum CPU/memory guaranteed for the build job                                    |
+| `resources.limits`   | object                  | Maximum CPU/memory allowed for the build job                                       |
+| `podAnnotations`     | `Record<string,string>` | Custom annotations applied to the build pod template (merged with global defaults) |
 
 ### docker.app (Required when using docker)
 

@@ -74,6 +74,17 @@ SET config = jsonb_set(
 WHERE key = 'buildDefaults';
 ```
 
+### Configure Build Pod Annotations
+
+Build pods automatically include the `cluster-autoscaler.kubernetes.io/safe-to-evict: "false"` annotation to prevent eviction during cluster scale-down.
+
+You can add custom annotations in two ways:
+
+- **Per-service:** Set `podAnnotations` in the `docker.builder` section of your `lifecycle.yaml`. See the [GitHub service schema](/docs/schema/github#dockerbuilder) for details.
+- **Globally:** Set `podAnnotations` in the `buildDefaults` row of the `global_config` table. These apply to all build jobs and can be overridden per-service.
+
+The hardcoded `safe-to-evict` annotation always takes final precedence and cannot be overridden.
+
 ### Refresh Configuration Cache
 
 After running either option above, refresh the configuration cache: